1. 29 4月, 2016 1 次提交
  2. 20 4月, 2016 1 次提交
  3. 16 4月, 2016 1 次提交
  4. 15 4月, 2016 1 次提交
    • M
      Fix ex_data locks issue · 1ee7b8b9
      Matt Caswell 提交于
      Travis identified a problem with freeing the ex_data locks which wasn't
      quite right in ff234405. Trying to fix it identified a further problem:
      the ex_data locks are cleaned up by OPENSSL_cleanup(), which is called
      explicitly by CRYPTO_mem_leaks(), but then later the BIO passed to
      CRYPTO_mem_leaks() is freed. An attempt is then made to use the ex_data
      lock already freed.
      Reviewed-by: NTim Hudson <tjh@openssl.org>
      1ee7b8b9
  5. 14 4月, 2016 2 次提交
  6. 13 4月, 2016 9 次提交
  7. 05 4月, 2016 2 次提交
  8. 21 3月, 2016 3 次提交
  9. 12 3月, 2016 1 次提交
  10. 11 3月, 2016 3 次提交
  11. 10 3月, 2016 1 次提交
  12. 09 3月, 2016 2 次提交
  13. 08 3月, 2016 2 次提交
  14. 07 3月, 2016 2 次提交
  15. 04 3月, 2016 2 次提交
  16. 03 3月, 2016 1 次提交
  17. 02 3月, 2016 2 次提交
  18. 01 3月, 2016 1 次提交
    • M
      Fix BN_hex2bn/BN_dec2bn NULL ptr/heap corruption · 99ba9fd0
      Matt Caswell 提交于
      In the BN_hex2bn function the number of hex digits is calculated using
      an int value |i|. Later |bn_expand| is called with a value of |i * 4|.
      For large values of |i| this can result in |bn_expand| not allocating any
      memory because |i * 4| is negative. This leaves ret->d as NULL leading
      to a subsequent NULL ptr deref. For very large values of |i|, the
      calculation |i * 4| could be a positive value smaller than |i|. In this
      case memory is allocated to ret->d, but it is insufficiently sized
      leading to heap corruption. A similar issue exists in BN_dec2bn.
      
      This could have security consequences if BN_hex2bn/BN_dec2bn is ever
      called by user applications with very large untrusted hex/dec data. This is
      anticipated to be a rare occurrence.
      
      All OpenSSL internal usage of this function uses data that is not expected
      to be untrusted, e.g. config file data or application command line
      arguments. If user developed applications generate config file data based
      on untrusted data then it is possible that this could also lead to security
      consequences. This is also anticipated to be a rare.
      
      Issue reported by Guido Vranken.
      
      CVE-2016-0797
      Reviewed-by: NAndy Polyakov <appro@openssl.org>
      99ba9fd0
  19. 27 2月, 2016 1 次提交
  20. 26 2月, 2016 1 次提交
  21. 24 2月, 2016 1 次提交
    • D
      RT4339: Fix handling of <internal/bn_conf.h> · 78c83078
      David Woodhouse 提交于
      The entire contents of <internal/bn_conf.h> are unwanted in the UEFI
      build because we have to do it differently there. To support building
      for both 32-bit and 64-bit platforms without re-running the OpenSSL
      Configure script, the EDK2 environment defines THIRTY_TWO_BIT or
      SIXTY_FOUR_BIT for itself according to the target platform.
      
      The current setup is broken, though. It checks for OPENSSL_SYS_UEFI but
      before it's actually defined, since opensslconf.h hasn't yet been
      included.
      
      Let's fix that by including opensslconf.h. And also let's move the
      bn_conf.h doesn't even need to *exist* in the UEFI build environment.
      
      This is also GH PR736.
      Signed-off-by: NRich Salz <rsalz@openssl.org>
      Reviewed-by: NTim Hudson <tjh@openssl.org>
      78c83078